Custody Solutions: Which Option Is Right for Me?
When it comes to custody, there’s no straightforward answer. At Jump Crypto, we’ve used just about every custody option over the years. In this post, we’ll discuss some choices and highlight their tradeoffs.
Cryptocurrency is controlled by a private key or some combination of keys. If someone, besides the owner, has access to the private key, the worry is that they can permanently spend its associated assets from anywhere without attribution. This is a harsh consequence for globally distributed ledgers. Protection of private keys is critical and there are many compelling solutions out there. In the next few paragraphs, we’ll break them down for you.
All custody solutions make it more difficult to access private keys, and in each, there are variations on how private keys can be used (can I sign with contract X or send to address Y?). Each has tradeoffs that affect how convenient it is to actually use your assets, and differences in how safe you are from being compromised.
Here, we’ll iterate different solutions for individuals. They may not scale well for organizations, but they can work great for individual use.
The easiest: leaving assets in exchange custody
Though most people rely on exchange custody for some period - like when you first buy - the question remains: should you leave assets on the exchange after you’ve finished trading?
Exchanges have some of the highest rates of attack out of any enterprise in crypto. This is mostly due to the fact that they support millions of users, are active 24/7, and have complex web interfaces. It’s fine to hold assets on an exchange to do business, but leaving assets there long-term may expose you to unnecessary risk.
The risks aren’t always hacks. Sometimes the risk is with the exchange itself, as exchanges sometimes halt withdrawals or deposits. If you leave your assets on the exchange, you may experience periods where you’re not able to conduct the transactions you want. If you had direct interaction with the blockchain, on the other hand, you’d be able to do so.
Fortunately, top exchanges have increased security measures and often insure or otherwise reimburse users in case of compromises. Using top exchanges in well-regulated geographies is becoming a better option for those who just want to hold onto their assets, similar to those who just want to leave their funds in a bank. Also, if you forget your login information, there are routes to recover your account, whereas a lost wallet can be unrecoverable. In some cases, an exchange may look and feel a lot like a traditional bank.
Currently, most exchanges cannot interoperate with the full DeFi landscape, which means users could be missing out on a lot. Fortunately, this is changing, as most exchanges are building support for various DeFi protocols. You could argue this is a feature and not a bug; finding DeFi protocols to use yourself is inherently risky. Instead, using exchange integrated DeFi protocols may greatly mitigate risk for people unfamiliar with existing projects.
Or, self custody using a wallet
If you were to move custody out of an exchange, the next step would be moving funds to some sort of wallet, hardware or software, that you control. While this alleviates concerns that an organization could get hacked or go down, it introduces new ways to shoot yourself in the foot.
Here are some blunders you’ll want to avoid:
- Giving out the seed phrase for your wallet.
- Losing the seed phrase for your wallet.
- Signing a transaction for a fraudulent smart contract.
- Signing a transaction on a hacked website.
- Sending funds to the wrong address.
If you’re unfamiliar with these issues, then using your own wallet could be very risky. If you’re already aware of these problems, then you can probably proceed with confidence. In a future post, we will go over all of these risks and how to go about mitigating them.
That said, there are some notable wallet solutions that reduce risk. Here are some awesome, blunder-reducing features we like to see in wallets:
Key shares. Splitting the key (and/or seed) into two or more different shares to make it much harder for either the user or company to disclose the full key or seed. The user stores one share, and a company stores the other. How the backups get restored (when the user loses their share) is critical.
Policy management. Often users send funds to the same addresses or interact with contracts that have audits. Wallets should leverage this and encourage the user to meaningfully consider when interacting with new addresses.
Transaction verification. It can be very difficult to verify that the transaction you are signing is doing what you expect. Wallets cannot easily verify the payloads for the many DeFi applications out there. Ideally, no one should have to enable blind signing (signing transactions without knowing what they do).
Perhaps the greatest feature of wallets is that they have the best interoperability with all kinds of projects in the industry. Need to convert a token and stake it somewhere? Most likely you’ll be able to do it using the most popular wallet on the blockchain you’re using.
Configure social backups or contracts using smart contract custody
Smart contract custody (using multi-signatures) can be a promising option for individual users if they want to set up either a social backup or contractual arrangement with other people.
With smart contract custody, you can store token versions of your assets in a smart contract and give other key holders permission to move the assets. It does not solve the key problem fully — you still need to custody a key to interact with this custody smart contract - but you can come up with fancy schemes.
For example: imagine that there’s a smart contract that holds 1000 USDC and there are two people, Person A and Person B, that each hold a key to move funds held by the contract. Let’s say Person A owns the funds and Person B has been designated as a trusted backup. Then if person A loses their key, then they can go to Person B as a recovery option (assuming person B cooperates and didn’t also lose their key).
Another example: You could designate your private key to control funds in a contract and set up a backup pair of keys that, when used together, could also control the funds. You could distribute this set of keys to trusted family or friends, who could come together to recover funds if needed.
Any boolean combination of signature requirements can be configured. However, it can be complex to set up a “safe” multi-signature arrangement — one with good social backups and/or safe backups of keys. If there is a well defined time period to the custody, like in the case of setting up a bet or contract with someone else, then it’s easier to have confidence in this kind of solution.
Users should only use well audited & tested solutions for creating such custody contracts. Keep in mind that by using these, you may be limited to a single blockchain or class of blockchains that host these contracts.
Wallets play a big role in enterprise custody. In some cases, consumer wallets are the only ways to access the latest and greatest of DeFi applications.
That said, individual wallets may run into scale issues when used by organizations. If a private key needs to be used by multiple team members, the options are not great. The same seed phrase can be used to initialize multiple wallets, but losing just one wallet could cause a leak of all the associated private keys. Because there are many people on a team, the likelihood of making mistakes increases.
Solutions that can split a private key to reside in different locations can resolve this issue and let teams scale beyond a single individual.
Using vendors: Institutional custody
There are a number of great commercial solutions that will take custody of assets for you. Many have state of the art controls that allow employees to manage assets. They are better than using exchange custody as there is no trading, a much smaller attack surface, and a more exclusive focus on security.
Good custodians will insure the assets and may even provide particular legal qualifications. These may be important for some institutional parters.
The downside is that you are limited to specific blockchain technologies and that there is a lack of transparency as to how some technologies are implemented or maintained. Also in theory, one party (the vendor) has 100% control of your private keys.
Using vendors and self-custody: MPC as a Service
Multiparty computation (MPC) is a combination of institutional custody and self-custody based on threshold signatures, or multiparty computation (MPC).
- Every private key is split into shares.
- Customer holds one share. The cloud-based vendor holds the other.
- To produce a valid signature, both the customer and commercial provider must agree to do so, and use MPC to create it.
- The vendor enforces policy before using its key share to prevent a compromised customer sending funds to arbitrary addresses.
Ideally, if either the customer or vendor is compromised, then there shouldn’t be a loss of funds.
All of the providers to date are proprietary and have the same tradeoffs as with institutional providers. The difference is that no one has 100% control of the private key (except in the case of backups).
Smart contract custody
Smart contract custody can be a compelling tool for enterprise. Though we will not all use the same commercial solution, we can potentially all use the same smart contract and set up a multi-signature setup or vesting schedule.
On its own, smart contract custody may not be enough for an organization. Rather, it could be more of a tool to use to setup common contracts to cover token unlocks, vesting, multi-signatures, or other uses.
Decentralized autonomous organizations (DAOs) are an ideal case for using smart contract custody solutions. Typically there are a very large number of multi-signature key holders (often more than 50) in a DAO. Having a large number of signers makes it naturally resistant to people losing their keys since most people won’t lose their keys at any given time and can re-enroll locked-out members back on (or vote compromised members out). This works very well for treasury management, where there are relatively infrequent movements of large amounts.
Distributed self custody
At Jump, we’re working on a soon-to-be open source custody solution that has the decentralization, security, transparency, and convenience we need. We’ll be releasing open source components as they mature and will write about them along the way.
If you’re interested in self custody or are actively looking for a solution, reach out to us: we’re always happy to discuss the topic (@_conorpp, @0x0ece, @nsuri_, @nickraystalder). If you want to talk about careers at Jump, we’d love to hear from you.
Conor is a Security Engineer who specializes in credential management and custody. He started out as a hardware hacker and founded a company producing open source FIDO2 security keys..View All Posts (1)
Stay up to date with the latest from Jump_
SAFU: Creating a Standard for Whitehats
Whitehats and DeFi protocols need a shared understanding of security policy. We propose the SAFU - Simple Arrangement for Funding Upload - as a versatile and credible way to let whitehats know what to...
Oct 24 2022 _ 17 min
Stop the Chain! CosmWasm Stack Overflow
This post announces a vulnerability we discovered in CosmWasm, a smart contract platform written for the Cosmos ecosystem. The vulnerability was a stack overflow, which would have allowed users who ca...
Jun 01 2023 _ 1 min
The information on this website and on the Brick by Brick podcast or Ship Show Twitter spaces is provided for informational, educational, and entertainment purposes only. This information is not intended to be and does not constitute financial advice, investment advice, trading advice, or any other type of advice. You should not make any decision – financial, investment, trading or otherwise – based on any of the information presented here without undertaking your own due diligence and consulting with a financial adviser. Trading, including that of digital assets or cryptocurrency, has potential rewards as well as potential risks involved. Trading may not be suitable for all individuals. Recordings of podcast episodes or Twitter spaces events may be used in the future.